package com.dongdong.controller.config;


import com.dongdong.controller.realm.UserRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.mgt.DefaultFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;


@Configuration
public class ShiroConfig {

    //实例化realm
    @Bean
    public UserRealm userRealm(){

        UserRealm userRealm = new UserRealm();    //解密需要实例化
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return userRealm;
    }

    //实例化manage对象
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //关联UserRealm
        defaultWebSecurityManager.setRealm(userRealm());
        return defaultWebSecurityManager;
    }

    //实例化过滤器对象
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager());
        //设置拦截路径
        LinkedHashMap<String, String> map = new LinkedHashMap<>();

        map.put("/user/**", DefaultFilter.anon.name());    //放行登录请求
        map.put("/content/**", DefaultFilter.anon.name());    //放行
        map.put("/address/**", DefaultFilter.anon.name());    //放行
        map.put("/toOrders/**", DefaultFilter.anon.name());    //放行

//        map.put("/test/logout", DefaultFilter.logout.name());        //放行 退出登录
//        map.put("/test/delete", "perms[movie_delete]");  //删除页面授权才可使用

        map.put("/js/**",DefaultFilter.anon.name());//静态资源放过


        map.put("/**", DefaultFilter.authc.name());        //拦截所有


        //放入过滤器中
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

//        shiroFilterFactoryBean.setLoginUrl("/loginController/toLogin");        //配置跳转的登录页面
//        shiroFilterFactoryBean.setUnauthorizedUrl("/loginController/unauthorized"); //设置没有权限页面

        return shiroFilterFactoryBean;
    }
//配置解密方式
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hash = new HashedCredentialsMatcher();

        hash.setHashAlgorithmName("md5"); //指定加密方式
        hash.setHashIterations(5);//指定加密次数
        hash.setStoredCredentialsHexEncoded(true);   //指定编码
        return hash;
    }





//    @Bean
//    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Autowired DefaultWebSecurityManager defaultWebSecurityManager ){
//        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean(); //过滤器链
//        filterFactoryBean.setSecurityManager(defaultWebSecurityManager);
//
//        /*
//        * anon  表示不需要登录直接放过
//        * authc 表示必须登录才能访问
//        * perms 表示必须有权限才能访问
//        * HashMap,LinkedHashMap 存取有序  shiro过滤器   Treemap 根据存入元素大小排序
//        * */
//
//        Map<String,String> map= new LinkedHashMap<>(); //有序的map:存取有序
//        map.put("/index","anon");//放过
//        map.put("/login","anon");//登录方法放过
//        map.put("/crudController/delete","perms[del]");//必须有权限才能访问 []中的属性代表不同的权限，自定义
////        map.put("/crudController/add","perms[add]");//必须有权限才能访问 []中的属性代表不同的权限，自定义
//        map.put("/js/**","anon");//静态资源放过
//        map.put("/**","authc");//必须登录才能访问
//        filterFactoryBean.setFilterChainDefinitionMap(map);
//        filterFactoryBean.setLoginUrl("/toLogin");//可以设置登录路径
//        filterFactoryBean.setUnauthorizedUrl("/unauthorized");//若没有权限，需要跳转到指定页面  Unauthorized
//
//        return filterFactoryBean;
//    }




}
